Hotel and serviced apartment giant Meriton has been hit by a cyber attack, potentially exposing the details of up to 2000 guests and staff.
The company said very little sensitive information was stolen in the January security breach and credit card details were not compromised.
Instead, hackers accessed "incident reports" such as injuries sustained at Meriton properties.
"There is no evidence that affected individuals have had their information misused, nor that any information has been released into the public realm," the company said.
"Meriton has been working closely alongside leading cybersecurity and forensic IT professionals and taking all available steps to protect against future risk to data and prevent recurrence.
"This has included implementing enhanced cyber security measures to protect Meriton's network as well as extensive network monitoring so that Meriton can quickly identify and respond to any future issues."
The company operates several serviced apartment sites in Sydney, Brisbane and the Gold Coast and one in both Melbourne and Canberra.
It joins a string of firms that have been attacked by hackers in the past 12 months.
In recent days, consumer finance company Latitude Group revealed 14 million Australian and New Zealand customers were exposed after personal records were stolen from its systems by hackers.
The attack, detected earlier this month, snared 7.9 million drivers licences, about 53,000 passport numbers and an additional 6.1 million records, including names, addresses, telephone numbers and dates of birth.
The consumer watchdog has urged business leaders to re-double efforts to keep their customers safe amid a spike in online financial scams and identity theft.
More than $569 million was reported stolen in scams in 2022, but this only represents 13 per cent of the actual figure.
Millions of people had their personal data stolen last year in a series of high-profile hacks, including Medibank and Optus.
© AAP 2023